def test_verify_account_wrong_key(self):
idpmigration.send_one_time_account_confirm_link(
self.user, self.org, self.provider, self.email,
"drgUQCLzOyfHxmTyVs0G")
path = reverse(
"sentry-idp-email-verification",
args=["d14Ja9N2eQfPfVzcydS6vzcxWecZJG2z2"],
)
response = self.client.get(path)
assert response.status_code == 404
def test_verify_account_wrong_key(self):
idpmigration.send_one_time_account_confirm_link(
self.user, self.org, self.provider, self.email, self.IDENTITY_ID)
path = reverse(
"sentry-idp-email-verification",
args=["d14Ja9N2eQfPfVzcydS6vzcxWecZJG2z2"],
)
response = self.client.get(path)
assert response.status_code == 200
assert response.templates[
0].name == "sentry/idp_account_not_verified.html"
def _dispatch_to_confirmation(
self, is_new_account: bool) -> Tuple[Optional[User], str]:
if self._logged_in_user:
return self._logged_in_user, "auth-confirm-link"
if features.has("organizations:idp-automatic-migration",
self.organization):
if self._app_user and not self._has_usable_password():
send_one_time_account_confirm_link(
self._app_user,
self.organization,
self.auth_provider,
self.identity["email"],
self.identity["id"],
)
return self.user, "auth-confirm-account"
self.request.session.set_test_cookie()
return None if is_new_account else self.user, "auth-confirm-identity"
def _dispatch_to_confirmation(
self, identity: Identity) -> Tuple[Optional[User], str]:
if self.user.is_authenticated:
return self.user, "auth-confirm-link"
if features.has("organizations:idp-automatic-migration",
self.organization):
existing_user = self._get_user(identity)
if existing_user and not existing_user.has_usable_password():
send_one_time_account_confirm_link(
existing_user,
self.organization,
self.provider_name,
identity["email"],
identity["id"],
)
return existing_user, "auth-confirm-account"
self.request.session.set_test_cookie()
return None, "auth-confirm-identity"
def test_send_without_org_membership(self):
link = idpmigration.send_one_time_account_confirm_link(
self.user, self.org, self.provider, self.email, self.IDENTITY_ID)
value = json.loads(idpmigration.get_redis_cluster().get(
link.verification_key))
assert value["user_id"] == self.user.id
assert value["email"] == self.email
assert value["member_id"] is None
assert value["organization_id"] == self.org.id
assert value["identity_id"] == self.IDENTITY_ID
assert value["provider"] == "dummy"
def test_verify_account(self):
link = idpmigration.send_one_time_account_confirm_link(
self.user, self.org, self.provider, self.email,
"drgUQCLzOyfHxmTyVs0G")
path = reverse(
"sentry-idp-email-verification",
args=[link.verification_code],
)
response = self.client.get(path)
assert (self.client.session["confirm_account_verification_key"] ==
f"auth:one-time-key:{link.verification_code}")
assert response.status_code == 302
assert response.url == "/auth/login/"
def test_verify_account(self):
link = idpmigration.send_one_time_account_confirm_link(
self.user, self.org, self.provider, self.email, self.IDENTITY_ID)
path = reverse(
"sentry-idp-email-verification",
args=[link.verification_code],
)
response = self.client.get(path)
assert self.client.session[
idpmigration.SSO_VERIFICATION_KEY] == link.verification_code
assert response.status_code == 200
assert response.templates[0].name == "sentry/idp_account_verified.html"
def test_send_one_time_account_confirm_link(self):
om = OrganizationMember.objects.create(organization=self.org,
user=self.user)
link = idpmigration.send_one_time_account_confirm_link(
self.user, self.org, self.provider, self.email, self.IDENTITY_ID)
assert re.match(r"auth:one-time-key:\w{32}", link.verification_key)
value = json.loads(idpmigration.get_redis_cluster().get(
link.verification_key))
assert value["user_id"] == self.user.id
assert value["email"] == self.email
assert value["member_id"] == om.id
assert value["organization_id"] == self.org.id
assert value["identity_id"] == self.IDENTITY_ID
assert value["provider"] == "dummy"
def test_send_one_time_account_confirm_link(self):
link = idpmigration.send_one_time_account_confirm_link(
self.user, self.org, self.provider, self.email,
"drgUQCLzOyfHxmTyVs0G")
assert re.match(r"auth:one-time-key:\w{32}", link.verification_key)